Bob Bob
2004-Sep-26 06:42 UTC
[Samba] Slow Samba - Winbind - NT PDC - low bandwidth - Understanding the reason
Hi all.. I apologies for the length. Run a very old Samba version (2.2.5 - Yes security problems) and winbind on two boxes. One on the same (local) LAN as the NT4 PDC, the other (remote) on the end of an often congested link (512K) This is part of a fairly large WAN - maybe 12 domains and the head "IT group" partway through implementing AD. They are also responsible for providing WINS for both the local LAN and the remote one. The remote-ish Samba box uses the same PDC as the Samba box on the local LAN. There is no BDC. So here is the problem. I am more concerned about understanding rather than fixing this. We will no doubt go to a later Linux version that includes samba with AD support in the next few months. The remote Samba box shares that LAN with a W2K server box. The users at that end see a large disparity in resource wait time (eg UNC share folder openings and printer access) compared to that of those on the local LAN between their Samba and W2K server. For example opening a printer select dialogue on the local LAN (has two Samba printers on it) might take a noticable half second delay but those at the remote end might wait 5 seconds. Note that these are resources on their local LAN, not a connection over the congested link. Note that a mapped resource (eg drive letter) is initially slower from the Samba server but seems to stay cached for a long period. It is more of a problem for UNC shares. There is little difference in server hardware and there are no ethernet issues. Enumeration is off I am thinking that the problem is in the propogation delay of PDC or WINS data from the remote site to either the local PDC or the corporate run WINS system. I made (possibly) small inroads by turning off trusted domains in smb.conf and setting an environment variable (that escapes me at the moment) that restricts winbind to looking for only the domain I want information from. Creating lmhosts entries in the Samba box for the PDC and all other servers in the domain made no perceptible difference nor did creating lmhosts in a remote W2K test workstation for the Samba server. I am guessing that it isnt a WINS issue but a PDC/authentication one. I have to assume that there is some caching of user information on the remote W2K server that doesnt exist on the Samba box. Would anyone care to comment on that? Does the Samba box talk to the PDC a lot or is there anything/a setting that might make it talk "too much"? If it is worth posting my smb.conf pls say so. Cheers Bob